drizzt Posted January 23, 2008 Posted January 23, 2008 i'm not very experienced with odbgscript and currently try to achieve to auto-unpack a binary.so i'm asking:1. is there a special command to enum all the sectionnames, sectionstartaddresses and its sizes of a binary? GMI just shows me the CODEBASE and CODESIZE2. is there a command to set the access rights of a chosen section?thanks in advance/drizzt
human Posted January 23, 2008 Posted January 23, 2008 you know that odbgscript has manual in txt with all commands inside, when you look you will know.
SunBeam Posted January 23, 2008 Posted January 23, 2008 You know that there are no commands in there. Why make him go look? You can find most of the sections' RVA pointers in PE header. Make a variable that will hold codebase and deviate from that to the pointer locations. For instance: BaseOfCode: gmi eip,MODULEBASE mov base,$RESULT ask "BaseOfCode offset:" cmp $RESULT,0 je @cancel mov offset,$RESULT add base,[base+offset] The above will find the address where IAT is stored. Offset is dynamically located in PE header, so that's why I ask for it..
Fungus Posted January 23, 2008 Posted January 23, 2008 You can use the above example with GetModuleBase and use offset to pe header pointer to find the sections etc. (names, offsets, flags) You just need a good doc on the PE header to know the offsets and how to use them. Goppit's is great.
human Posted January 23, 2008 Posted January 23, 2008 wtf there are commands i didnt say there will be command he is looking for. it was for learning purpose to teach people to look alone first. due if he would look there he would see no such command exist and this topic wouldnt be necessery. or maybe you love useless topics, because someone is lazy to look alone.
Teddy Rogers Posted January 23, 2008 Posted January 23, 2008 wtf there are commands i didnt say there will be command he is looking for. it was for learning purpose to teach people to look alone first. due if he would look there he would see no such command exist and this topic wouldnt be necessery. or maybe you love useless topics, because someone is lazy to look alone. If the commands he were looking for were not there then it is probably why he posted the question Anyway, this forum is about helping people no matter the question, providing of course it isn't a specific crack request... Ted.
drizzt Posted January 23, 2008 Author Posted January 23, 2008 wtf there are commands i didnt say there will be command he is looking for. it was for learning purpose to teach people to look alone first. due if he would look there he would see no such command exist and this topic wouldnt be necessery. or maybe you love useless topics, because someone is lazy to look alone. If the commands he were looking for were not there then it is probably why he posted the question Anyway, this forum is about helping people no matter the question, providing of course it isn't a specific crack request... Ted. yep, i've already searched some time for a matching command, without luck. but sometimes it even happens to humans that they overlook some things, which are not directly obvious. :biggrin: thanx for everyone who pointed me to the right direction.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now